500 million accounts hacked, says Yahoo

500 million accounts hacked, says Yahoo

Washington, Sep 23 (IANS) Yahoo has confirmed that hackers stole information from at least 500 million user accounts in what it describes as a “state-sponsored” attack.

In a statement released on Thursday, Yahoo’s Chief Information Security Officer Bob Lord said that the information was stolen from the company’s network in late 2014, Fox News reported.

“The account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (the vast majority with bcrypt) and, in some cases, encrypted or unencrypted security questions and answers,” he said.

However, an ongoing investigation into the hack suggests that stolen information did not include unprotected passwords, payment card data, or bank account information, according to Lord. Payment card data and bank account information are not stored in the affected system, he added.

The investigation has found that the attacker is no longer in Yahoo’s network. The internet giant said that it is working with law enforcement.

Early on Thursday Recode reported that Yahoo was set to confirm a major data breach impacting hundreds of millions of users.

Shuman Ghosemajumder, Chief Technology Officer of Shape Security, warns that the shockwaves from the breach could be felt far beyond Yahoo.

“Most stories will focus on Yahoo users, but the damage there appears to have been done months ago, and Yahoo will simply reset all their passwords so no further damage can be done,” he said, in a statement emailed to FoxNews.com.

“The real issue now is that these passwords will be used to breach thousands of other websites unrelated to Yahoo.”

Cybercriminals, he explained, could use advanced automated tools to discover where users have used those same passwords on other sites.

The breach could also impact Yahoo’s $4.8 billion sale of its core business to Verizon.

The opinions, views, and thoughts expressed by the readers and those providing comments are theirs alone and do not reflect the opinions of www.mangalorean.com or any employee thereof. www.mangalorean.com is not responsible for the accuracy of any of the information supplied by the readers. Responsibility for the content of comments belongs to the commenter alone.

We request the readers to refrain from posting defamatory, inflammatory comments and not indulge in personal attacks. However, it is obligatory on the part of www.mangalorean.com to provide the IP address and other details of senders of such comments to the concerned authorities upon their request.

Hence we request all our readers to help us to delete comments that do not follow these guidelines by informing us at info@mangalorean.com. Lets work together to keep the comments clean and worthful, thereby make a difference in the community.